Has anyone taken the Mukyu or the Shodan course from hackingdojo.com? A little background about me... I am trying to transition over to the penetration testing/ethical hacking world. Currently, I work as a UI developer. With that said, I do not have much experience in this field.

I have tried to do self-study, but found it difficult since I am so new in the field. I enrolled to take the eCPPT course, but could not complete it due to all of the information. I felt overwhelmed.

For the people who have done the Shodan course, how did you feel about the course?

I'm currently studying with him. I finished the foundations class and it's really good. His videos have a relaxed tone and the supplemental material is good. I've checked eCPPT and the difference is that they are 80% reading 20% videos from an instructor guiding you. Tom is the oposite. Plus you have a 20+ live targets hacking lab for you to practice at no extra charge. He has a special going on right now with a 50% off the classes. If I were you I'll go for it... Just my 2 cents

His pentest book is also a great tool to have along with the course. He follows a clear methodology that helps you on the real world, it's not just hack this or that. It's: follow this procedure so you can finish your testing with a decent report based on a standard. Highly recommended

Last edited by esojzuir on Wed Feb 27, 2013 5:56 pm, edited 1 time in total.

I've done most of the Shodan course, however I failed at cracking some passwords. Despite that I tried idunno, 50-100'000 relevant variations of the mentioned topic, and 165 million random different passwords. Did any of them crack? Nope.

MaXe wrote:I've done most of the Shodan course, however I failed at cracking some passwords. Despite that I tried idunno, 50-100'000 relevant variations of the mentioned topic, and 165 million random different passwords. Did any of them crack? Nope.

I failed at cracking some of the passwords as well MaXe. I spent weeks after trying to crack them but couldn't get them.

Not really the point of the thread, but I have a default group of dictionaries I use that contain over 165 million, and that's just the starting list (which would not have found the words you were looking for either). I also screen scrape web sites of clients and find new dictionaries unique to the target, which often yield better results than the default dics.

Grendel wrote:Not really the point of the thread, but I have a default group of dictionaries I use that contain over 165 million, and that's just the starting list (which would not have found the words you were looking for either). I also screen scrape web sites of clients and find new dictionaries unique to the target, which often yield better results than the default dics.

I think is the is the better way to crack the password, use the info in their website or social network where they visit